Quoting ME (dugan@passwall.com):
> The local sysadmin can arrange for local access to memory, and can
> trojan any application. SSH does *nothing* for securing a host. The
> only thing that SSH tries to do is to "provide a more secure
> connection across an insecure network." The assumption is that you
> have both hosts secured from outsiders. Either host being comprimised
> means increased risk to the other machine.
Patching SSH to authenticate with OPIE, SKEY, or a SecureID card can fix
this (at the cost of significant inconvenience).
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox